gdpr and social surveys
play

GDPR and Social Surveys The Opportunities in Practice 14 January - PowerPoint PPT Presentation

Apr 11, 2024 •377 likes •593 views

GDPR and Social Surveys The Opportunities in Practice 14 January 2019 Debrah Harding Managing Director MRS Agenda Topics Overview of GDPR - legislative framework - impact of Brexit - reminder of some key concepts Public interest research

  1. GDPR and Social Surveys The Opportunities in Practice 14 January 2019 Debrah Harding Managing Director MRS

  2. Agenda Topics Overview of GDPR - legislative framework - impact of Brexit - reminder of some key concepts Public interest research - definition of public interest - who can undertake research in the public interest - using public task as a ground for processing Scientific and statistical research - collecting special category data Research exemption - data subject rights - adaptions to the data protection principles

  3. Objectives for Today To help you and your colleagues:  Increase awareness of the legal privacy and data framework for research  Identify differences between GDPR, the Data Protection Act (DPA) 2018 for research, specifically for public interest and scientific research  Highlight key actions for researchers to ensure GDPR and DPA 2018 compliance  Update on new research sector guidance

  4. Some context: Regulation v. national law Previous privacy framework was a Directive: Each EU state has own law and own interpretation GDPR is a directly applicable Regulation: GDPR is the same in each Member State…but Member States can legislate on specific areas or activities which are subject to ‘derogations’ Research is a derogation Need to understand GDPR plus relevant domestic legislation: In the UK the Data Protection Act 2018

  5. Some context: Brexit GDPR has applied since 25 th May 2018 • The UK Data Protection Act 2018 received Royal Assent in May • 2018 to bring GDPR into national law New draft legislation – The data protection, privacy and electronic • communications (amendments etc.) (EU exit) regulations 2019 – has also been prepared to ensure that the data protection legal framework continues to function after Brexit New legislation amends the Privacy & Electronic Communications • Regulations 2003 (PECR) and the DPA18, and introduces the “UK GDPR”

  6. The Regulators In the UK Information Commissioner’s Office (ICO) regulates the Data Protection Act 2018 In the EU the European Data Protection Board (EDPB) regulates the GDPR – after March 2019 ICO will no longer be part of EDPB For EU cross border complaints where UK citizens or UK business involved…not clear yet what will happen

  7. Some Concepts: 3 Types of Data e.g. Name De- Non- e.g. Unique identified Postcode identifiable identifier Data data e.g. Health information Personal Dataset Pseudonymised Dataset Anonymised Dataset

  8. Some concepts: Obligations •Lead responsibility Data •Direct responsibilities e.g. Required to conduct DPIA; Point Controller(s) of contact for individuals; Audit of DP responsibilities •Contractual obligations Data •Direct responsibilities •Contractual obligations e.g. seek approvals e.g. to appoint sub- Processor processor or data transfers out of EEA But also •Appointment of DPO; record- keeping; technical and similar organisational measures; privacy by design and default, lawful obligations basis for processing; data breach notification

  9. Key concept: Processing research data Options available for research processing: Consent - specific, informed and freely given consent through clear affirmative action Legitimate interest - based on reasonable expectations and provided does not override the rights of individuals (research is a compatible purpose) Public interest – processing is necessary for the performance of a task carried out in the public interest or in the exercise of an official authority vested in the controller Other grounds - such as: contract; compliance with legal obligation; vital interests of data subject

  10. Public Interest Research – the what Public interest not defined in GDPR or UK DPA18 • Specific ICO guidance for freedom of information and environmental • information regulations plus public law proceedings via the UK courts ONS Research Code of Practice and Accreditation Criteria (developed • for the Digital Economy Act) Broad understanding: • public interest represents collective interests • promotes wider values than purely economic or market issues • takes account of all including citizens •

  11. Public Interest Research – the who Public task as a processing ground for research • Processing is necessary for… • the performance of a task carried out in the public interest; • or in the exercise of official authority vested in the controller • For a public task which is in the public interest the controller must be • a public authority Must be based on authority in law but includes organisations with • research as an incorporated or statutory purpose e.g. NHS, universities

  12. Public Interest Research – the process Does the underlying task, function or power have a clear basis in law? What is the public interest being pursued? Is the processing necessary for the public interest? Do the data subject’s rights override the public interest text being pursued?

  13. Public Interest Research – in practice HMRC collects extensive personal data provided largely for the • purposes of tax assessment and collection. If HMRC wishes to carry out research that is directly related to • improving how HMRC carries out its functions it could do so under the “public task” processing conditions – rather than other conditions such as informed consent However HMRC could still decide to follow other processing grounds, • such as informed consent, due to wider research and ethical considerations Such considerations and decisions must be documented to • demonstrate why an approach was selected and on what basis

  14. Public Interest and Scientific Research – the data DPA18 has additional specific conditions for “substantial” public • interest research, separate from a public task, which is for: Archiving purposes in the public interest • Scientific or historical research purposes • Statistical purposes • To use the specific conditions: • Necessary for archiving purposes, scientific or historical research • purposes or statistical purposes Is in the public interest • DPA18 sets out an extensive list of specific activities deemed to • meet substantial public interest Still need to have a legal ground for processing personal data • Can use this to process ‘special category data’ without consent • assuming all other conditions are met (necessary, with appropriate safeguards, meets the public interest test) The controllers for this could be public or private in order to use these • conditions

  15. Public Interest and Scientific Research – in practice Special category data (race, ethnicity, religion etc.) and/or criminal • convictions data may be collected as demographic data for research classification purposes The data might also be collected for equal opportunities monitoring • If the latter, which is substantially in the public interest, the public • interest and scientific research conditions can be used Such data could be collected by either public or private organisations; • the condition will apply irrespective of the type of controller collecting the data

  16. Research exemption Personal data that are processed for scientific or historical research • purposes or statistical purposes or archiving purposes in the public interest have access to a research exemption; and there is no need to undertake a public interest test except for archiving The exemption recognises the importance of personal data in • providing a strong science base, ensuring quality and reliability It is not an automatic exemption. To use it controllers must consider: • Necessity of processing • Extent to which full compliance would impair research processing • Appropriate safeguards must be met which includes: • Not for measures or decisions with respect to particular data • subject No likelihood of substantial damage or substantial distress • Other requirements such as technical and organisation measures still • required plus any resulting research results must be published

  17. Research exemption What it means: • Exemptions and exceptions from certain data subject rights such • as objecting to processing, restricting processing and data rectification Exceptions from provisions on the right to be informed and the • right to erasure Limits the application of the purpose and storage limitation so • data can be used for other research purposes, kept for longer periods Some isolated transfers outside the EEA if to increase knowledge • Some limitations on the right of data access if disproportionate • effort Longitudinal projects, cohort studies, multiple wave research projects • – projects where there is a need to keep data for a long time, and/or have information about participants for a long time – might find the research exemptions of most use

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data

GDPR How does it apply to me? What is GDPR? It is the LAW! What is GDPR? The General Data Protection Regulation Came into force on May 25 th Replaces the current 1995 Data Protection Directive and Data Protection Act (1998). What is GDPR?

570 views • 18 slides
1 Why are we here? Many ESPA projects use social surveys (broadly defined) and face similar

1 Why are we here? Many ESPA projects use social surveys (broadly defined) and face similar

1 Why are we here? Many ESPA projects use social surveys (broadly defined) and face similar challenges Specific focus on what is different about implementing social surveys in the ES context Learning from each other best practice

384 views • 12 slides
Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett

garjoh_canuck Data minimization & concentration: Intended and unintended consequences of the GDPR Garrett Johnson (Boston U) Scott Shriver (U Colorado Boulder) GDPR Impact GDPR General Data Protection Regulation EU EEA Brexit GDPR

833 views • 27 slides
Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does

Presentation by Michalis Mantzaris, PhD Introduction to General Data Protection Regulation (GDPR) Presentation Structure What is the GDPR? When and where does it apply? Consisting elements and Guideline provision Key changes and

605 views • 23 slides
Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do

Overview What is the GDPR? What are the main changes? Risks? What do you need to do to be compliant? Data Breaches How does the GDPR affect you? Steps to Compliance Summary What is the GDPR? q The EU's General Data

355 views • 17 slides
PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles

GENERAL DATA PROTECTION REGULATIONS May 2018 GDPR What is GDPR What is different Principles of of GDPR How does it effect school How are school preparing How does it effect individual staff How can

475 views • 12 slides
V1E 12 Sept 2016 Surveys V1 2016 SLDM Surveys 1 V1 2015 StatChat2 2 2 Polls and Surveys

V1E 12 Sept 2016 Surveys V1 2016 SLDM Surveys 1 V1 2015 StatChat2 2 2 Polls and Surveys

V1E 12 Sept 2016 Surveys V1 2016 SLDM Surveys 1 V1 2015 StatChat2 2 2 Polls and Surveys Surveys of People BENEFITS: Milo Schield, Augsburg College Cheap: Survey Monkey Member: International Statistical Institute Measure

165 views • 14 slides
Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require?

Welcome Agenda GDPR is in force now and applies to Australian businesses What does GDPR require? How does an Australian business comply? Action Plan Section 1: GDPR is here Privacy in the digital age Historically, privacy was almost

513 views • 40 slides
Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The

Almost one year after the GDPR, where are we now? Click to add title Click to add subtitle Before the GDPR: the great GDPR compliance panic The first year of the GDPR can best be described as "quiet test run. What are the most striking

405 views • 8 slides
GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU

GDPR T owards Compliance 25 May 2018 Wha hat t is GDPR? EU Data Protection Directive EU General Data Protection 1995 Regulation 2016 Data Protection Act 1998 Data Protection Bill 2017-19 Fines DPA GDPR Maximum Fine 500k Two

622 views • 17 slides
Surveys, social licence and the IDI A collaborative project between The University of Auckland

Surveys, social licence and the IDI A collaborative project between The University of Auckland

Surveys, social licence and the IDI A collaborative project between The University of Auckland Pauline Gulliver, Janet Fanslow, Monique Jonas, Tracey McIntosh, Debbie Waayer Statistics New Zealand Gayle Beck, Andrea Lawson, Matthew Flanagan

889 views • 53 slides
Surveys, social licence and the I DI A collaborative project between The University of Auckland

Surveys, social licence and the I DI A collaborative project between The University of Auckland

Surveys, social licence and the I DI A collaborative project between The University of Auckland Pauline Gulliver, Janet Fanslow, Monique Jonas, Tracey McIntosh, Debbie Waayer Statistics New Zealand Gayle Beck, Andrea Lawson, Matthew Flanagan

861 views • 69 slides
GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont

GDPR Dont be scared Even if you cant answer all the questions on the form GDPR Dont be scared 60% of people welcome the rights under GDPR 48% of UK adults plan to activate their rights 56% welcome the right to object to marketing

1.32k views • 37 slides
GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the

1 GDPR Webinar Guide Overview and key points Part 1 of our series on GDPR and its impact on the recruitment industry 2 Introduction The rules which underpin the storage of personal data have changed dramatically. The new EU-US Privacy Shield

998 views • 35 slides
GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner

GDPR Obligations & Rules Introduction to Privacy and the GDPR Simone Fischer-Hbner CC-BY-4.0 Advising, Monitoring, Enforcing European Data Protection Board Art. 68 - 73 (replacing the Art. 29 Working Party) advise Supervisory

626 views • 8 slides
GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the

GDPR Breach & Automated Decision Making Part 5 of our series on GDPR and its impact on the recruitment industry This webinar is provided for information purposes and is NOT intended to be legal advice pertaining to the subject matter. If you

617 views • 38 slides
Opportunities offered by the BUILD UP interactive web portal Timothe Nol BUILD UP Users and

Opportunities offered by the BUILD UP interactive web portal Timothe Nol BUILD UP Users and

Opportunities offered by the BUILD UP interactive web portal Timothe Nol BUILD UP Users and Stakeholders Committee Brussels, 15 December 2009 Project Officer EACI Unit 2 Energy Efficiency Goals Improve the energy performance of

338 views • 6 slides
Joint Working Group Meeting: CWG, MWG, ORWG, CBASC August 29-30, 2012 REVERSION PLAN DON

Joint Working Group Meeting: CWG, MWG, ORWG, CBASC August 29-30, 2012 REVERSION PLAN DON

Joint Working Group Meeting: CWG, MWG, ORWG, CBASC August 29-30, 2012 REVERSION PLAN DON SHIPLEY, CARL STELLY 2 Reversion Plan Review Reversion Plan Timeline Filings Assumptions All that can be done to mitigate will have

552 views • 15 slides
Ramp Metering Jeremy Dilmore, P.E. FDOT District Five TSM&O Engineer Ramp Signaling in

Ramp Metering Jeremy Dilmore, P.E. FDOT District Five TSM&O Engineer Ramp Signaling in

` Ramp Metering Jeremy Dilmore, P.E. FDOT District Five TSM&O Engineer Ramp Signaling in FL CO RSS Warrant Study (2012); TSM&O Strategic Plan (2013); RSS Implementation Guide (2017); D4 - I-95 Managed Lane Phase 3 ( 54 RS

365 views • 12 slides
PURSS: Towards Perceptual Uncertainty Aware Responsibility Sensitive Safety with ML Rick Salay, 1

PURSS: Towards Perceptual Uncertainty Aware Responsibility Sensitive Safety with ML Rick Salay, 1

PURSS: Towards Perceptual Uncertainty Aware Responsibility Sensitive Safety with ML Rick Salay, 1 Krzysztof Czarnecki, 1 Ignacio Alvarez, 2 Maria Soledad Elli, 2 Sean Sedwards, 1 Jack Weast 2 1 Dept. Electrical and Computer Engineering, Univ. of

538 views • 23 slides
Winthrop at a Glance The regional clinical campus for Stony Brook University SOM 600-bed

Winthrop at a Glance The regional clinical campus for Stony Brook University SOM 600-bed

The AE4Q Experience at Winthrop University Hospital A National Initiative of the AAMC Robert DAntuono, MHA Director, CME Assistant Dean, Clinical Campus April 11, 2013 SACME Spring Meeting Winthrop at a Glance The regional clinical

313 views • 4 slides
RSS Feeds RSS Feeds Your own personal magazine Your own personal magazine What are RSS

RSS Feeds RSS Feeds Your own personal magazine Your own personal magazine What are RSS

RSS Feeds RSS Feeds Your own personal magazine Your own personal magazine What are RSS Feeds? What are RSS Feeds? What does it stand for? What does it stand for? Really Simple Syndication Really Simple

387 views • 27 slides
COURSE PLANNING 2019-2020 RSS Home Page http://www.rss.sd23.bc.ca/Pages/default.aspx 3 YEAR

COURSE PLANNING 2019-2020 RSS Home Page http://www.rss.sd23.bc.ca/Pages/default.aspx 3 YEAR

COURSE PLANNING 2019-2020 RSS Home Page http://www.rss.sd23.bc.ca/Pages/default.aspx 3 YEAR RULE ~ Policy of S.D. No 23 ~ Students have 3 years to achieve graduation starting at grade 10. Students who do not achieve graduation by the

822 views • 47 slides
EMA recommendations from the Regulatory Science Strategy to 2025 Implications for patients and

EMA recommendations from the Regulatory Science Strategy to 2025 Implications for patients and

EMA recommendations from the Regulatory Science Strategy to 2025 Implications for patients and healthcare professionals PCWP/HCPWP joint meeting Presented by Tony Humphreys on 3 March 2020 Head of Regulatory Science and Innovation Task Force

255 views • 21 slides

More recommend